<!DOCTYPE html>
<html lang=zh>
<head>
    <!-- so meta -->
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="HandheldFriendly" content="True">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
    <meta name="description" content="SQL注入挖掘 1234因为#&amp;#123;&amp;#125;使用了预编译,所以不考虑.因此全局搜索关键字 $&amp;#123;查看是否存在有风险的拼接方式如果是Mybatis,那么全局搜索时限制文件格式为.xml    hibernate  漏洞成因: 12345字符串拼接：开发者可能会将用户输入直接拼接到HQL或JPQL查询语句中，导致注入点的出现。不正确的参数绑定：开发者没有正确地使用参数绑定机制，而是将">
<meta property="og:type" content="article">
<meta property="og:title" content="代码审计Java篇">
<meta property="og:url" content="https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/index.html">
<meta property="og:site_name" content="TonyD0g">
<meta property="og:description" content="SQL注入挖掘 1234因为#&amp;#123;&amp;#125;使用了预编译,所以不考虑.因此全局搜索关键字 $&amp;#123;查看是否存在有风险的拼接方式如果是Mybatis,那么全局搜索时限制文件格式为.xml    hibernate  漏洞成因: 12345字符串拼接：开发者可能会将用户输入直接拼接到HQL或JPQL查询语句中，导致注入点的出现。不正确的参数绑定：开发者没有正确地使用参数绑定机制，而是将">
<meta property="og:locale" content="zh_CN">
<meta property="article:published_time" content="2023-08-03T03:39:28.000Z">
<meta property="article:modified_time" content="2023-08-11T02:38:57.431Z">
<meta property="article:author" content="TonyD0g">
<meta property="article:tag" content="代码审计">
<meta name="twitter:card" content="summary">
    
    
        
          
              <link rel="shortcut icon" href="/images/favicon.ico">
          
        
        
          
            <link rel="icon" type="image/png" href="/images/favicon-192x192.png" sizes="192x192">
          
        
        
          
            <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon.png">
          
        
    
    <!-- title -->
    <title>代码审计Java篇</title>
    <!-- styles -->
    
<link rel="stylesheet" href="/css/style.css">

    <!-- persian styles -->
    
      
<link rel="stylesheet" href="/css/rtl.css">

    
    <!-- rss -->
    
    
<meta name="generator" content="Hexo 4.2.1"></head>

<body class="max-width mx-auto px3 ltr">
    
      <div id="header-post">
  <a id="menu-icon" href="#"><i class="fas fa-bars fa-lg"></i></a>
  <a id="menu-icon-tablet" href="#"><i class="fas fa-bars fa-lg"></i></a>
  <a id="top-icon-tablet" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');" style="display:none;"><i class="fas fa-chevron-up fa-lg"></i></a>
  <span id="menu">
    <span id="nav">
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </span>
    <br/>
    <span id="actions">
      <ul>
        
        <li><a class="icon" href="/2023/12/30/%E7%94%9F%E6%B4%BB%E6%97%A5%E8%AE%B02023%E5%B9%B4%E7%BB%88%E6%80%BB%E7%BB%93/"><i class="fas fa-chevron-left" aria-hidden="true" onmouseover="$('#i-prev').toggle();" onmouseout="$('#i-prev').toggle();"></i></a></li>
        
        
        <li><a class="icon" href="/2022/12/24/%E7%94%9F%E6%B4%BB%E6%97%A5%E8%AE%B02022%E5%B9%B4%E7%BB%88%E6%80%BB%E7%BB%93/"><i class="fas fa-chevron-right" aria-hidden="true" onmouseover="$('#i-next').toggle();" onmouseout="$('#i-next').toggle();"></i></a></li>
        
        <li><a class="icon" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');"><i class="fas fa-chevron-up" aria-hidden="true" onmouseover="$('#i-top').toggle();" onmouseout="$('#i-top').toggle();"></i></a></li>
        <li><a class="icon" href="#"><i class="fas fa-share-alt" aria-hidden="true" onmouseover="$('#i-share').toggle();" onmouseout="$('#i-share').toggle();" onclick="$('#share').toggle();return false;"></i></a></li>
      </ul>
      <span id="i-prev" class="info" style="display:none;">上一篇</span>
      <span id="i-next" class="info" style="display:none;">下一篇</span>
      <span id="i-top" class="info" style="display:none;">返回顶部</span>
      <span id="i-share" class="info" style="display:none;">分享文章</span>
    </span>
    <br/>
    <div id="share" style="display: none">
      <ul>
  <li><a class="icon" href="http://www.facebook.com/sharer.php?u=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/" target="_blank" rel="noopener"><i class="fab fa-facebook " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://twitter.com/share?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&text=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-twitter " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.linkedin.com/shareArticle?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-linkedin " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://pinterest.com/pin/create/bookmarklet/?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&is_video=false&description=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-pinterest " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="mailto:?subject=代码审计Java篇&body=Check out this article: https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/"><i class="fas fa-envelope " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://getpocket.com/save?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-get-pocket " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://reddit.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-reddit " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.stumbleupon.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-stumbleupon " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://digg.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-digg " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.tumblr.com/share/link?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&name=代码审计Java篇&description=" target="_blank" rel="noopener"><i class="fab fa-tumblr " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://news.ycombinator.com/submitlink?u=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&t=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-hacker-news " aria-hidden="true"></i></a></li>
</ul>

    </div>
    <div id="toc">
      <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#SQL注入"><span class="toc-number">1.</span> <span class="toc-text">SQL注入</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#权限绕过"><span class="toc-number">2.</span> <span class="toc-text">权限绕过</span></a></li></ol>
    </div>
  </span>
</div>

    
    <div class="content index py4">
        
        <article class="post" itemscope itemtype="http://schema.org/BlogPosting">
  <header>
    
    <h1 class="posttitle" itemprop="name headline">
        代码审计Java篇
    </h1>



    <div class="meta">
      <span class="author" itemprop="author" itemscope itemtype="http://schema.org/Person">
        <span itemprop="name">TonyD0g</span>
      </span>
      
    <div class="postdate">
      
        <time datetime="2023-08-03T03:39:28.000Z" itemprop="datePublished">2023-08-03</time>
        
        (Updated: <time datetime="2023-08-11T02:38:57.431Z" itemprop="dateModified">2023-08-11</time>)
        
      
    </div>


      

      
    <div class="article-tag">
        <i class="fas fa-tag"></i>
        <a class="tag-link" href="/tags/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/" rel="tag">代码审计</a>
    </div>


    </div>
  </header>
  

  <div class="content" itemprop="articleBody">
    <h1 id="SQL注入"><a href="#SQL注入" class="headerlink" title="SQL注入"></a>SQL注入</h1><p><strong>挖掘</strong></p>
<figure class="highlight md"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">因为#&#123;&#125;使用了预编译,所以不考虑.</span><br><span class="line">因此全局搜索关键字 $&#123;</span><br><span class="line">查看是否存在有风险的拼接方式</span><br><span class="line">如果是Mybatis,那么全局搜索时限制文件格式为.xml</span><br></pre></td></tr></table></figure>



<p><strong>hibernate</strong> </p>
<p>漏洞成因:</p>
<figure class="highlight md"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">字符串拼接：开发者可能会将用户输入直接拼接到HQL或JPQL查询语句中，导致注入点的出现。</span><br><span class="line"></span><br><span class="line">不正确的参数绑定：开发者没有正确地使用参数绑定机制，而是将用户输入直接传递给查询。</span><br><span class="line"></span><br><span class="line">缺乏输入验证：没有对用户输入进行严格的验证和过滤，导致恶意数据进入查询。</span><br></pre></td></tr></table></figure>

<p>修复方案:</p>
<p>使用参数绑定：在HQL或JPQL查询中，始终使用参数绑定来传递用户输入。不要将用户输入直接拼接到查询语句中。</p>
<ul>
<li>位置参数绑定：这是最基本的参数绑定方式。在查询语句中，使用问号（?）作为占位符，然后使用setXxx()方法将用户输入的值绑定到相应的位置。这里的Xxx可以是不同的数据类型，如字符串、整数等。</li>
</ul>
<p>示例：</p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">String username = <span class="string">"john"</span>; <span class="comment">// 用户输入</span></span><br><span class="line">Query query = session.createQuery(<span class="string">"SELECT u FROM User u WHERE u.username = ?"</span>);</span><br><span class="line">query.setParameter(<span class="number">0</span>, username);</span><br><span class="line">List&lt;User&gt; users = query.list();</span><br></pre></td></tr></table></figure>

<ul>
<li>命名参数绑定：这是更推荐的参数绑定方式，因为它使得代码更加清晰和易读。在查询语句中，使用冒号（:）加上参数名作为占位符，然后使用setParameter()方法将用户输入的值绑定到相应的参数名。</li>
</ul>
<p>示例：</p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">javaCopy codeString username = <span class="string">"john"</span>; <span class="comment">// 用户输入</span></span><br><span class="line">Query query = session.createQuery(<span class="string">"SELECT u FROM User u WHERE u.username = :username"</span>);</span><br><span class="line">query.setParameter(<span class="string">"username"</span>, username);</span><br><span class="line">List&lt;User&gt; users = query.list();</span><br></pre></td></tr></table></figure>
<p>其他方案:</p>
<figure class="highlight md"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">输入验证和过滤：对用户输入的数据进行严格的验证和过滤，确保只允许合法的数据进入查询。</span><br><span class="line"></span><br><span class="line">白名单：在查询中使用白名单机制，限制查询中允许的参数值，确保只能执行预期的操作。</span><br><span class="line"></span><br><span class="line">使用准备好的语句：考虑使用Hibernate的预处理语句（PreparedStatement）来执行动态查询，从而避免SQL注入。</span><br><span class="line"></span><br><span class="line">使用ORM框架：ORM框架（对象关系映射）如Hibernate提供了更安全的数据访问方式。尽量使用ORM框架的高级功能，而不是手动编写SQL查询。</span><br></pre></td></tr></table></figure>

<h1 id="权限绕过"><a href="#权限绕过" class="headerlink" title="权限绕过"></a>权限绕过</h1><p>如果直接获取了传入的URL,且没有进行安全过滤或安全过滤不完整，且判断admin权限过于简单，则可能存在权限绕过</p>
<ul>
<li><p><strong>uri.startsWith(“/admin”)</strong></p>
<p>可以使用  /;/admin/test 或 ///admin/test 进行绕过</p>
</li>
</ul>
<p>示例代码：</p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">boolean</span> <span class="title">preHandle</span><span class="params">(HttpServletRequest request, HttpServletResponse response, Object o)</span> <span class="keyword">throws</span> Exception </span>&#123; </span><br><span class="line">String uri = request.getRequestURI(); <span class="comment">// 直接获取URL,没有进行安全过滤</span></span><br><span class="line">    <span class="comment">// uri.startsWith("/admin") 判断权限过于简单</span></span><br><span class="line">    <span class="comment">// 可以使用  /;/admin/test 或 ///admin/test 进行绕过</span></span><br><span class="line">        <span class="keyword">if</span> (uri.startsWith(<span class="string">"/admin"</span>) 判断权限过于简单 &amp;&amp; <span class="keyword">null</span> == request.getSession().getAttribute(<span class="string">"loginUser"</span>)) &#123;</span><br><span class="line">            System.out.println(<span class="string">"no bypass"</span>);</span><br><span class="line">        &#125;<span class="keyword">else</span>&#123;</span><br><span class="line">            System.out.println(<span class="string">"bypass!"</span>);</span><br><span class="line">        &#125;</span><br><span class="line">&#125;</span><br></pre></td></tr></table></figure>


  </div>
</article>



        
          <div id="footer-post-container">
  <div id="footer-post">

    <div id="nav-footer" style="display: none">
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </div>

    <div id="toc-footer" style="display: none">
      <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#SQL注入"><span class="toc-number">1.</span> <span class="toc-text">SQL注入</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#权限绕过"><span class="toc-number">2.</span> <span class="toc-text">权限绕过</span></a></li></ol>
    </div>

    <div id="share-footer" style="display: none">
      <ul>
  <li><a class="icon" href="http://www.facebook.com/sharer.php?u=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/" target="_blank" rel="noopener"><i class="fab fa-facebook fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://twitter.com/share?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&text=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-twitter fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.linkedin.com/shareArticle?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-linkedin fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://pinterest.com/pin/create/bookmarklet/?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&is_video=false&description=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-pinterest fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="mailto:?subject=代码审计Java篇&body=Check out this article: https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/"><i class="fas fa-envelope fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://getpocket.com/save?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-get-pocket fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://reddit.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-reddit fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.stumbleupon.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-stumbleupon fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://digg.com/submit?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&title=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-digg fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.tumblr.com/share/link?url=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&name=代码审计Java篇&description=" target="_blank" rel="noopener"><i class="fab fa-tumblr fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://news.ycombinator.com/submitlink?u=https://github.com/TonyD0g/2023/08/03/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1Java%E7%AF%87/&t=代码审计Java篇" target="_blank" rel="noopener"><i class="fab fa-hacker-news fa-lg" aria-hidden="true"></i></a></li>
</ul>

    </div>

    <div id="actions-footer">
        <a id="menu" class="icon" href="#" onclick="$('#nav-footer').toggle();return false;"><i class="fas fa-bars fa-lg" aria-hidden="true"></i> 菜单</a>
        <a id="toc" class="icon" href="#" onclick="$('#toc-footer').toggle();return false;"><i class="fas fa-list fa-lg" aria-hidden="true"></i> 目录</a>
        <a id="share" class="icon" href="#" onclick="$('#share-footer').toggle();return false;"><i class="fas fa-share-alt fa-lg" aria-hidden="true"></i> 分享</a>
        <a id="top" style="display:none" class="icon" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');"><i class="fas fa-chevron-up fa-lg" aria-hidden="true"></i> 返回顶部</a>
    </div>

  </div>
</div>

        
        <footer id="footer">
  <div class="footer-left">
    Copyright &copy;
    
    
    2016-2023
    TonyD0g
  </div>
  <div class="footer-right">
    <nav>
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </nav>
  </div>
</footer>

    </div>
    <!-- styles -->

<link rel="stylesheet" href="/lib/font-awesome/css/all.min.css">


<link rel="stylesheet" href="/lib/justified-gallery/css/justifiedGallery.min.css">


    <!-- jquery -->

<script src="/lib/jquery/jquery.min.js"></script>


<script src="/lib/justified-gallery/js/jquery.justifiedGallery.min.js"></script>

<!-- clipboard -->

  
<script src="/lib/clipboard/clipboard.min.js"></script>

  <script type="text/javascript">
  $(function() {
    // copy-btn HTML
    var btn = "<span class=\"btn-copy tooltipped tooltipped-sw\" aria-label=\"复制到粘贴板!\">";
    btn += '<i class="far fa-clone"></i>';
    btn += '</span>'; 
    // mount it!
    $(".highlight table").before(btn);
    var clip = new ClipboardJS('.btn-copy', {
      text: function(trigger) {
        return Array.from(trigger.nextElementSibling.querySelectorAll('.code')).reduce((str,it)=>str+it.innerText+'\n','')
      }
    });
    clip.on('success', function(e) {
      e.trigger.setAttribute('aria-label', "复制成功!");
      e.clearSelection();
    })
  })
  </script>


<script src="/js/main.js"></script>

<!-- search -->

<!-- Google Analytics -->

    <script type="text/javascript">
        (function(i,s,o,g,r,a,m) {i['GoogleAnalyticsObject']=r;i[r]=i[r]||function() {
        (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
        m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
        })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
        ga('create', 'UA-84578611-1', 'auto');
        ga('send', 'pageview');
    </script>

<!-- Baidu Analytics -->

    <script type="text/javascript">
        var _hmt = _hmt || [];
        (function() {
            var hm = document.createElement("script");
            hm.src = "https://hm.baidu.com/hm.js?2e6da3c375c789455b664cea6d4cb29c";
            var s = document.getElementsByTagName("script")[0];
            s.parentNode.insertBefore(hm, s);
        })();
    </script>

<!-- Disqus Comments -->


</body>
</html>
